> On Apr 4, 2018, at 4:32 AM, Richard Levitte <levitte at openssl.org> wrote:
>> The fix itself is easy (just add a line saying 'CPP=$(CC) -E'), and
> that's not what I'm here to talk about, but rather how we want to act
> in cases like this. Do we make a new release? Do we create an
> official patch? Do we make a link to the corrective github PR?
> My own sense is that we should put up something, and it should be
> visible on our download page and in our source archives.
>> Whatever we decide should become policy.
I'd reissue an updated tarball as openssl-1.1.0h-u1.tar.gz,
where "u1" is "update 1". This changes only a build bug,
not the code, so I'm tempted to keep the release name still
1.1.0h and not bump to 1.1.0i.d
--
Viktor.